Threat and Risk Assessments in a Network Environment Ted Reinhardt Course 94.470 [email protected].


Threat and Risk Assessment Overview

An Evaluation of the Three Little Pigs

[Diagram: the elements of a threat and risk assessment, illustrated with the Three Little Pigs]
Asset: Dwelling
Asset Value: Confidentiality, Integrity, Availability and Value
Threat Agent: Wolf
Threat Class: Destruction
Threat Event: Blows House Down (wind speed 25 km/h)
Performance: how the assessment and safeguard held up once the threat event occurred

Threat Classes (mnemonic: DR DIM)

Destruction - Blows house down
Removal - Steals house by moving it off its foundation
Disclosure - Listens in to conversations in the house
Interruption - Keeps knocking on the door, preventing the owner from doing work
Modification - Redecorates the house (like Trading Spaces)

Little Pig #1 - Straw House: Threat and Risk Assessment

Threat                                Likelihood   Impact   Risk
Destruction: Wolf blows down house    Low          High     Low

Pig #1 - Straw House: Performance Evaluation

One night the big bad wolf, who dearly loved to eat fat little piggies, came along and saw the first little pig in his house of straw. He said, "Let me in, let me in, little pig, or I'll huff and I'll puff and I'll blow your house in!" "Not by the hair of my chinny chin chin," said the little pig.

But of course the wolf did blow the house in and ate the first little pig.

The threat assessment was wrong: the likelihood was incorrectly assessed. The impact rating (High) was right; the risk came out Low only because the likelihood was underestimated.

Little Pig #3 - Post Straw House Attack: Threat Assessment

Threat                      Likelihood                   Impact   Risk          Safeguard     Risk (with safeguard)
Wolf blowing down houses    Low -> High (2 pigs dead)    High     Low -> High   Brick House   High -> Low

Safeguard

Administrative, Procedural or Technical mechanisms used to mitigate a threat.

Safeguards and Cost to Implement

Safeguard                                     Cost to Implement
House made of sticks (wind loading 10 mph)    $2.00/bundle
House made of bricks (wind loading 70 mph)    $1000/pallet

Compare the safeguard rating with the threat in the same units: the wolf blows at 25 km/h (about 15.5 mph), so a 10 mph stick house is not an adequate safeguard, while a 70 mph brick house is.

Management Risk Decision

Accept the risk
Mitigate the risk

Risk vs. Cost: balance is important

Re-evaluate Safeguards Periodically
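The assessment cycle on the preceding slides (rate likelihood and impact, derive risk, check whether a safeguard actually covers the threat, let management accept or mitigate, then re-evaluate as events are observed) can be walked through in code. The following is an added example written for this page, not material from the course or its author. The threat speed (25 km/h), the safeguard ratings (10 mph, 70 mph) and the prices come from the slides; the Low/Medium/High ordinal scale, the risk thresholds, the rule that an adequate safeguard leaves Low residual risk, the treatment of the unit prices as total costs, and the budget figure are assumptions made for the illustration.

```python
"""Risk-assessment model for the deck's Three Little Pigs example (added illustration)."""
from __future__ import annotations

from dataclasses import dataclass, replace
from typing import Optional

LEVELS = {"Low": 1, "Medium": 2, "High": 3}   # assumed ordinal scale
KMH_PER_MPH = 1.609344


def risk_level(likelihood: str, impact: str) -> str:
    """Risk = likelihood x impact on the 1..3 scale.

    Thresholds are an assumption chosen to reproduce the deck's two rows:
    Low x High = 3 -> Low, High x High = 9 -> High.
    """
    score = LEVELS[likelihood] * LEVELS[impact]
    if score >= 7:
        return "High"
    if score >= 4:
        return "Medium"
    return "Low"


@dataclass(frozen=True)
class Threat:
    agent: str          # threat agent (the wolf)
    threat_class: str   # one of the DR DIM classes
    event: str          # threat event
    likelihood: str
    impact: str
    wind_kmh: float     # threat magnitude as stated on the slide (km/h)


@dataclass(frozen=True)
class Safeguard:
    name: str
    wind_loading_mph: float   # the slides rate the houses in mph
    cost: float               # assumed total cost; the slides give unit prices


def withstands(safeguard: Safeguard, threat: Threat) -> bool:
    """Adequacy check in a common unit: 10 mph is only 16.1 km/h, below the
    wolf's 25 km/h, so the stick house is not an adequate safeguard."""
    return safeguard.wind_loading_mph * KMH_PER_MPH >= threat.wind_kmh


def residual_risk(threat: Threat, safeguard: Optional[Safeguard]) -> str:
    """Risk after the safeguard. Assumption: an adequate safeguard reduces
    residual risk to Low; an inadequate one leaves the inherent risk unchanged."""
    if safeguard is not None and withstands(safeguard, threat):
        return "Low"
    return risk_level(threat.likelihood, threat.impact)


def reassess_likelihood(threat: Threat, successful_attacks: int) -> Threat:
    """Periodic re-evaluation from observed events. The deck moved likelihood
    from Low to High once two pigs were dead; one event is treated as Medium."""
    if successful_attacks >= 2:
        return replace(threat, likelihood="High")
    if successful_attacks == 1:
        return replace(threat, likelihood="Medium")
    return threat


def decide(threat: Threat, options: list[Safeguard], budget: float) -> tuple[str, Optional[Safeguard]]:
    """Management risk decision: accept Low inherent risk, otherwise mitigate with
    the cheapest safeguard that is both adequate and within budget. A risk with
    no affordable adequate safeguard is also accepted, but knowingly."""
    if risk_level(threat.likelihood, threat.impact) == "Low":
        return "accept", None
    affordable = [s for s in options if withstands(s, threat) and s.cost <= budget]
    if not affordable:
        return "accept", None
    return "mitigate", min(affordable, key=lambda s: s.cost)


WOLF = Threat("Wolf", "Destruction", "Blows house down", "Low", "High", 25.0)
STICKS = Safeguard("House made of sticks", 10.0, 2.00)
BRICKS = Safeguard("House made of bricks", 70.0, 1000.0)
OPTIONS = [STICKS, BRICKS]


def run_scenario(budget: float = 5000.0) -> dict:
    """Walk the deck's timeline: pig #1's assessment, then pig #3's after two attacks."""
    pig1_decision, _ = decide(WOLF, OPTIONS, budget)
    after = reassess_likelihood(WOLF, successful_attacks=2)
    pig3_decision, chosen = decide(after, OPTIONS, budget)
    return {
        "pig1_inherent": risk_level(WOLF.likelihood, WOLF.impact),
        "pig1_decision": pig1_decision,
        "post_attack_inherent": risk_level(after.likelihood, after.impact),
        "sticks_adequate": withstands(STICKS, after),
        "bricks_adequate": withstands(BRICKS, after),
        "pig3_decision": pig3_decision,
        "pig3_safeguard": chosen.name if chosen else None,
        "pig3_residual": residual_risk(after, chosen),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

Two points the slides make show up directly: with the original Low likelihood the model accepts the risk exactly as pig #1 did, and once the likelihood is re-evaluated the stick house fails the unit-corrected adequacy check, so only the brick house qualifies as a mitigation. Lowering the budget below the brick house's cost shows the third outcome, a High risk accepted because no adequate safeguard is affordable, which is the cost-versus-risk balance the deck asks management to make explicitly.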

Identify Threat Events

NETSEC Threat Classes: Destruction, Removal, Disclosure, Interruption, Modification

Typical Threat Events:
Eavesdropping
Traffic Flow Analysis
Masquerading
Denial of service attacks
Repudiation
Replay
Covert Channel

Select Safeguards

Authentication
Access Control
Confidentiality
Integrity
Non-repudiation
Availability -- redundancy, recovery, disaster recovery

Layer Safeguards

[Diagram: safeguards layered from the network edge in to the server]
Filtering routers with 2 feeds
IPSEC VPN gateway
Firewall
Firewall
Web server with TLS
Server network filter and detection
Hardened server